[Snort-users] Malware detection with Snort

Mayur Patil ram.nath241089 at ...11827...
Tue Nov 26 11:32:57 EST 2013


Hi Daniel,

Snort comes with predefined rules which detect the "Network Trojan"; these might be helpful in dealing with the current malware analysis, IMO. :)

Now, about the forensics approach as Salvo said.

I would like to suggest the technique of logging, i.e. exporting logs to a remote log server using rsyslog, a free log management utility with awesome community support. If your system gets compromised, you will have a track of system activities with you due to the remote log export, and you can take countermeasure actions on it, such as tuning Snort or other security areas of your network, which will prove to be a proactive approach.

Keep us posted on your experiments!

-- 

*Cheers, Mayur*.